There are a few application security products that combine multiple categories — what Koeppen calls traffic processing engines — such as from Barracuda, Imperva and F5. That consolidation can help eliminate tool and alert fatigue, which ultimately leads to spending a lot of time chasing false positives. “The biggest challenge is in handling overall risk management properly,” he tells CSO. “We need to streamline this and consolidate multiple tools wherever possible.”
Using automation badly
That brings us to the last issue, using automation infrequently or not very effectively. Even with the best tools, alerts can pile up and take time to analyze. This is where generative AI can help, because it can quickly identify false positives, connect the dots among alerts that require immediate attention, and provide quick remediation, thereby increasing security across an enterprise. “The biggest problem with security software, especially website and API protection is the prevalence of false positives,” Venky Sundar, president of Indusface, tells CSO.
Automation is essential to the modern appsec environment, especially as an aid to performing regular penetration and vulnerability testing. This advice is echoed by numerous security experts, including the Open Web Application Security Project (OWASP) and CISA.
